FOXMAN-UN System Overview
FOXMAN-UN Cybersecurity Deployment Guideline
Basic Cybersecurity Considerations
A Formalized Security Model
Security Policies and Principles
Security Services
Network Design
Network Design
Zones
Possible External Communication (including Remote Access)
Network Elements (NE)
Hosts
User accounts
Services
Patches
Host based Firewall
Physical access / device lock down
BIOS/UEFI and boot configuration
Appropriate use banners
Backup / Recovery
Anti Malware
User Groups
File System
Network shares
Applications / Services
Physical Security
Documentation
Product Related Details
LINUX Security Recommendation
BIOS/UEFI and Bootloader Passwords
Enable SELinux
Require Authentication for Single User
Disable Interactive Boot
OS Patch Management
Removing Unused Programs
Virus Scanner
Enforcing Read-only Mounting of Removable Media
Configurable Logon/Warning Banner
Password Security
Administrative Controls
Insecure Services
Firewall (Ports and Services)
Logging and Auditing
Windows® Security Recommendation
BIOS/UEFI Settings
Data Execution Prevention (DEP)
Removing Unused Programs
Windows® Updates/Patch Management
Virus Scanner
Disabling Devices
Configurable Logon/Warning Banner
User Account Control (UAC)
Create Unprivileged User Account
Firewall (Ports and Services)
Product User Accounts
RADIUS Configuration
Installing a Redundant Network Management System
Verify Authenticity of Obtained SW Distribution
Decommissioning
Reporting a Cybersecurity Vulnerability or Incident
Annex
FOXMAN-UN System Description
Server Redundancy
FOXMAN-UN Architecture
NEM Core and Database
Agents
Managed Network Elements
FOX61x and FOX51x Families
SNMP Devices
NEM Client (Graphical User Interfaces)
Northbound Interfaces
FOXMAN-UN Key Functionality
Fault Management
Configuration Management
Performance Management, Diagnostics and Status
Security Management
FOXMAN-UN Deployment Scenarios
Single User - Single Workstation
Multi-User - Single / Redundant Workstation with Agent(s)
Regionally Organized O&M with Network Partitioning
FOXMAN-UN in a Multi-Vendor Environment
Simple Network Management Protocol (SNMP) Proxy Agent
Reach Through
The Managed Network Environment
Management Interfaces
In-band Management
FOX51x Management Environment
Management Interfaces
In-band ECC sub-networks for FOX515/FOX512
Mixed Networks and Interworking of ECC & EOC Sub-networks
Out-of-band Router Management Sub-network
“FO” NEs Management Environment
SNMP Management Environment
Management Interface
NEM Graphical User Interface
Host Manager
NEM Desktop
File
Applications
Fault Management
Network
System
Options
Table Filters
Help
NEM Configurator
NE Browser
Standard Procedure
NE Discovery
NEs of Type ‘Foreign Objects’
Security Configuration
Fault Management
NE Configuration Management
Operational Aspects
NEM Network Browser (legacy application)
Maps - Group Maps
Symbols
Cut and Paste
Find Symbol Facility
Alarm Indication
Messages
Sections
Map Background
Security
Fault Management
Configuration Management
Managed Objects
Hardware View NE
Hardware View Unit
Hardware View Subunit
FOX61x Views
NEs of Type Foreign Object
Event List (legacy application)
Security Administration
Role-based Access Control (RBAC)
System Roles
User Defined Roles
Administrators
Network Partitioning
Fault Management
Alarm Handling
Alarm Notification
Main Functions
Alarm Summary
Alarm Status Filter
Alarm Severities
Alarm Customization
Units/Subunits
Severity «Off»
Alarm Flooding Protection
Foreign Object Alarms
Alarm Localization
Alarm List
Alarm Acknowledgment
Alarms Properties
Alarm List Printout
Section Alarms
Alarm Email Notification
Alarm Escalation
Alarm History
History File Cycling
History Data Retrieval
Logbook Function
NE Alarm Synchronization
System NE
Trouble Ticketing
Configuration Management
FOX61x NE Configuration
Configuration Changes
Simultaneous Access
NE Profiles
FOX51x NE Configuration
Configuration Changes
Simultaneous Access
Local Configuration Change
Profiles
Inventory for FOX51x
Network Configuration
Section Definition
End to End Configuration
Configuration Tasks
NE Password Tasks
Profile & CPS Tasks
ESW Management
Performance Management, Diagnostics, and Status
Overview
Health Monitor
Monitoring Session
Section
NE
Performance Management
Recommendation ITU-T G.826
Performance Data Retrieval
Automatic Performance Data Collection
Collection Schedules
Results
Metrics Database
MPLS-TP Diagnostics
TDM Diagnostics
FOX51x Diagnostics
Integrated Testing of Subscriber Lines
Status Monitoring
Signaling Bits
Activation / Deactivation States
Idle / Busy States of POTS Lines
Remote Alarms
Controlled Slip Counts
Network Element Timing Source Status
Synchronization Map
PTP Sync Map
Network Element Synchronization
Ethernet Traffic Protection Maps
Spanning Tree Map
Ethernet Ring Protection Switching (ERPS) Map
Networking Package
Terminology
Functionality
Configuration
Status Indications
Defining End Point of an Application
Manual Circuit Configuration
Automatic Circuit Configuration
Protection
NP Usage
TE Graph
NP Reporting Tool
NP Reporting Tool
Ethernet Networking Package
MPLS-TP Architecture and Operations
ENP Main GUI
Hierarchical QoS
Class Types
VPLS Tab
VPWS Tab
Pseudo Wire Tab
Tunnel Tab
Link Tab
NE Tab
Service Profile Tab
Class Type Tab
Create Service Profile
Create Service
Create Tunnel
Manual Routing
Automatic Routing
Advanced Routing
Working and Protecting LSP
OAM Bidirectional Forwarding Detection (BFD)
Path Protection
Encryption
Attached Pseudo Wire
Tunnel Details
Diagnostic
Circuit Emulation
Teleprotection
Service Supervision and Reporting
Adding Services to Supervision
System Services
Adding Services
Advanced Services
Creating Services
Service Supervision Tools and Options
Service Alarms
Service Reporting
Service Report Manager
Print & Information Export
Table Print / Export
NE Reports
Inventory
Installation, Administration & Help Tools
System Administration
License Information
Managing Authentication Keys
Start/Stop Services
Element Agents
Inventory Information
Database Backup and Restore
Managing Main/Standby Configuration
NEM Help Viewer
Remote Executor
Technical Documentation
FOXMAN-UN Standby & Recovery Concepts
Database Backup
Standby System
Standby Concept for FOXMAN-UN
Cold Standby
Warm Standby
Internal Process Recovery
HW and OS Requirements
RHEL Platform
Microsoft Windows Platform
License Concept
Glossary
FOXMAN-UN Licensing Model
Licensing Model Overview
Main Server & Client
Standby Server
Non-commercial Demo License
Test License (lab use)
Licensing Model Details
NEM Client
Extra Concurrent User
Ethernet Networking Package ENP (MPLS-TP)
Networking Package NP (TDM)
Ethernet Protection Ring (ERPS)
Spanning Tree Protocol (STP)
SNMP Southbound Interface (SBI) Devices
Advanced Service Supervision (>50 services)
System Service Supervision (>50 services)
Service Level Agreement (SLA) Reporting
Northbound Interface (SNMP) Fault Management
FOXMAN-UN Upgrade
Integration of Specific Network Node Types
FOX61x Nodes Integration
FOX660 Nodes Integration (restricted)
XMC20/UMUX Nodes Integration
Basic Package with EDS500 Nodes Integration
EDS500 Nodes SBI Integration
Support Encryption with DIRAC
FOXMAN-UN Logging Feature Description
Introduction
Concept
Log Files
Server Setup
Event Server
System Event Log Manager
Security Event Log Manager
Syslog backend
Syslog Server
Backup/restore interaction
Security Events
Upgrade
Appendix
NEM Client Log Files (/var/log/nem/logclient)
Enable / Disable Program Tracing
Log, Trace and *.txt File Rotation Definitions
Upgrading FOXMAN-UN and FOX61x - Application Note
Symbols and Notations
Target Audience
Terms and Abbreviations
Purpose and Scope
Supported Upgrade Scenario
Foreign Object (FO) Upgrade
FOX61x Upgrade
Upgrade Sequences
Network Upgrade Sequence without MPLS-TP Encryption
Network Upgrade Sequence with MPLS-TP Encryption
Network Upgrade Sequence without Network Manager
Workaround for FOXMAN-UN Upgrade in Main/Standby Setup
Unsupported Upgrade Scenarios
FOX61x Upgrade
Version Information
Background Information
Upgrade R17A to R18
FOXMAN-UN and DIRAC upgrade
Upgrade FOXMAN-UN database from R17A to R18
Post-upgrade steps
FOX61x upgrade
Pre-upgrade steps
Upgrade via FOXMAN-UN (ESW Distribution Wizard)
Upgrade via FOXCST
Unit ESW has System Release R17A Status
Management Connection to the Active Core Unit
Equipment is Fault Free
Correct FOXCST Version is being used
Limitations for the Upgrade
Step-by-Step Procedure
Post-upgrade steps
Upgrade R16B to R18
FOXMAN-UN and DIRAC upgrade
Upgrade FOXMAN-UN database from R16B to R18
Post-upgrade steps
FOX61x upgrade
Pre-upgrade steps
Upgrade via FOXMAN-UN
Upgrade via FOXCST
Unit ESW has System Release R16B Status
Management Connection to the Active Core Unit
Equipment is Fault Free
Correct FOXCST Version is being used
Limitations for the Upgrade
Step-by-Step Procedure
Post-upgrade steps
SENC1 Software upgrade to R18
Foreign Object (FO) Upgrade to R18